Overview

overview

10

Static

static

3

2024-10-13...ry.exe

windows7-x64

10

2024-10-13...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-13_190b5b5bf1213609684937a23785f6e7_wannacry

  • Size

    3.6MB

  • Sample

    241013-eabwbs1hlp

  • MD5

    190b5b5bf1213609684937a23785f6e7

  • SHA1

    c65ecb3b24513d87a10acfefdf2ac679907f93d4

  • SHA256

    9712e75274c790fb9b1560e4b4d356688ad558f2576ff64dffeeaa620f3fb044

  • SHA512

    e92221672dfaa99bebe2e202731cd95fbf5148bd32419b2c0e67fe35617cd05b0a351e462d4cb448e73584ca1e7dd893c5c838b98af94900e7dace6bb125a7eb

  • SSDEEP

    49152:XnAQqMSPbcBVQej/1UNRx+TSqTdX1HkQo6SAARdhnvrAH1plAHI:XDqPoBhz1mRxcSUDk36SAEdhvrAVp2HI

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2024-10-13_190b5b5bf1213609684937a23785f6e7_wannacry

    • Size

      3.6MB

    • MD5

      190b5b5bf1213609684937a23785f6e7

    • SHA1

      c65ecb3b24513d87a10acfefdf2ac679907f93d4

    • SHA256

      9712e75274c790fb9b1560e4b4d356688ad558f2576ff64dffeeaa620f3fb044

    • SHA512

      e92221672dfaa99bebe2e202731cd95fbf5148bd32419b2c0e67fe35617cd05b0a351e462d4cb448e73584ca1e7dd893c5c838b98af94900e7dace6bb125a7eb

    • SSDEEP

      49152:XnAQqMSPbcBVQej/1UNRx+TSqTdX1HkQo6SAARdhnvrAH1plAHI:XDqPoBhz1mRxcSUDk36SAEdhvrAVp2HI

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3302) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks